#!/bin/bash

# 测试API的curl脚本
# 使用方法: ./test-api.sh

# 设置基础URL
BASE_URL="http://localhost:8080"

# 设置颜色输出
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

echo -e "${YELLOW}===== Spring Boot + MariaDB API 测试脚本 =====${NC}"
echo

# 模拟登录获取令牌
# 注意：这里假设有一个/api/auth/signin端点用于获取令牌
# 实际使用时请根据项目的认证机制调整
echo -e "${YELLOW}1. 模拟管理员登录获取令牌${NC}"
ADMIN_TOKEN=$(curl -s -X POST "${BASE_URL}/api/auth/signin" \
  -H "Content-Type: application/json" \
  -d '{"username":"admin","password":"admin123"}' | grep -o '"token":"[^"]*' | cut -d'"' -f4)

if [ -z "$ADMIN_TOKEN" ]; then
  echo -e "${RED}获取管理员令牌失败，请确保认证服务正在运行${NC}"
  echo -e "${YELLOW}继续测试将使用模拟令牌...${NC}"
  ADMIN_TOKEN="admin-mock-token"
else
  echo -e "${GREEN}成功获取管理员令牌${NC}"
fi

echo -e "${YELLOW}2. 模拟普通用户登录获取令牌${NC}"
USER_TOKEN=$(curl -s -X POST "${BASE_URL}/api/auth/signin" \
  -H "Content-Type: application/json" \
  -d '{"username":"user","password":"user123"}' | grep -o '"token":"[^"]*' | cut -d'"' -f4)

if [ -z "$USER_TOKEN" ]; then
  echo -e "${RED}获取用户令牌失败，请确保认证服务正在运行${NC}"
  echo -e "${YELLOW}继续测试将使用模拟令牌...${NC}"
  USER_TOKEN="user-mock-token"
else
  echo -e "${GREEN}成功获取用户令牌${NC}"
fi

echo
echo -e "${YELLOW}===== 测试API端点 =====${NC}"

# 测试获取所有用户 (需要ADMIN角色)
echo
echo -e "${YELLOW}3. 测试获取所有用户 (ADMIN角色)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users\" -H \"Authorization: Bearer \$ADMIN_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users" \
  -H "Authorization: Bearer $ADMIN_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试获取所有用户 (使用USER角色 - 应该被拒绝)
echo
echo -e "${YELLOW}4. 测试获取所有用户 (USER角色 - 应该被拒绝)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users\" -H \"Authorization: Bearer \$USER_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users" \
  -H "Authorization: Bearer $USER_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试根据ID获取用户 (ADMIN角色)
echo
echo -e "${YELLOW}5. 测试根据ID获取用户 (ADMIN角色)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users/1\" -H \"Authorization: Bearer \$ADMIN_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users/1" \
  -H "Authorization: Bearer $ADMIN_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试根据ID获取用户 (USER角色)
echo
echo -e "${YELLOW}6. 测试根据ID获取用户 (USER角色)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users/1\" -H \"Authorization: Bearer \$USER_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users/1" \
  -H "Authorization: Bearer $USER_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试获取不存在的用户
echo
echo -e "${YELLOW}7. 测试获取不存在的用户${NC}"
echo "curl -X GET \"${BASE_URL}/api/users/999\" -H \"Authorization: Bearer \$ADMIN_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users/999" \
  -H "Authorization: Bearer $ADMIN_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试获取相似用户 (ADMIN角色)
echo
echo -e "${YELLOW}8. 测试获取相似用户 (ADMIN角色)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users/similar/1?count=3\" -H \"Authorization: Bearer \$ADMIN_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users/similar/1?count=3" \
  -H "Authorization: Bearer $ADMIN_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试获取相似用户 (USER角色)
echo
echo -e "${YELLOW}9. 测试获取相似用户 (USER角色)${NC}"
echo "curl -X GET \"${BASE_URL}/api/users/similar/1\" -H \"Authorization: Bearer \$USER_TOKEN\""
curl -s -X GET "${BASE_URL}/api/users/similar/1" \
  -H "Authorization: Bearer $USER_TOKEN" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

# 测试无认证访问
echo
echo -e "${YELLOW}10. 测试无认证访问${NC}"
echo "curl -X GET \"${BASE_URL}/api/users\""
curl -s -X GET "${BASE_URL}/api/users" | jq . || echo "命令失败，请确保jq已安装或查看原始输出"

echo
echo -e "${YELLOW}===== 测试完成 =====${NC}"
echo -e "${GREEN}提示: 如果看到格式化的JSON输出，表示请求成功。${NC}"
echo -e "${GREEN}提示: 如果看到错误消息或空输出，请检查服务器日志以获取更多信息。${NC}"
